In MDC3, governance alignment is built into the SDLC; the stages align with governance, security reviews, and validation criteria. Which option reflects this statement?

The main idea tested is that governance, security, and validation are not separate silos but are woven into every phase of the software development lifecycle in MDC3. This means each stage carries the necessary governance checks, security reviews, and validation criteria, so progress depends on meeting all three dimensions. That integrated approach ensures alignment with policies, risk controls, and evidence that the work meets security standards and acceptance criteria before moving on. So the statement is true because MDC3 builds governance alignment directly into the SDLC alongside security reviews and validation criteria, giving you traceability and consistent oversight throughout development. The other ideas—focusing only on governance, only on validation, or denying integration—don’t capture how MDC3 treats these elements as interconnected parts of the lifecycle.